EIP-2026-109465

This exploit demonstrates a cross-site scripting (XSS) vulnerability in Mihalism Multi Host 5.0 by injecting arbitrary JavaScript code via the 'return' parameter in the registration page. The PoC uses a simple alert payload to confirm the vulnerability.